Home Malware Programs Trojans Infostealer.Alina

Infostealer.Alina

Posted: February 12, 2013

Threat Metric

Threat Level: 9/10
Infected PCs: 9
First Seen: February 12, 2013
Last Seen: March 6, 2020
OS(es) Affected: Windows

Infostealer.Alina is a Trojan that steals personal information from the affected computer and transmits it to a remote location. When executed, Infostealer.Alina copies itself as the potentially malicious file. Infostealer.Alina then creates the registry entry so that it can run automatically every time Windows is started. Infostealer.Alina also enumerates the running processes on the infected computer system and transfers statistics to a remote location. Infostealer.Alina may also download updates of itself if necessary.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



FFGUG.ex File name: FFGUG.ex
Size: 61.44 KB (61440 bytes)
MD5: 37493eb319d126d0ab8f5a55da85563d
Detection count: 26
Mime Type: unknown/ex
Group: Malware file
Last Updated: February 13, 2013
%UserProfile%\Application Data\[FILE NAME].exe File name: %UserProfile%\Application Data\[FILE NAME].exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
adobeflash.exe File name: adobeflash.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
dwm.exe File name: dwm.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
desktop.exe File name: desktop.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
jusched.exe File name: jusched.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
jucheck.exe File name: jucheck.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
java.exe File name: java.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
win-firewall.exe File name: win-firewall.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"[FILE NAME]" = "%UserProfile%\Application Data\[FILE NAME].exe"
Loading...